The history of knowing that, “I’m not a robot”.

In the early 1990s – before Gmail, Zimbra, Zoho, and ProtonMail came along – Yahoo Mail was king of the hill. It was free, easy to use, you could have any email address you wanted, and access it from anywhere on the planet. Everything was good. Except for one problem: spam. Literally millions of fake email accounts were being created every day by spammers.

By using automated computer scripts, known as ‘bots’, the spammers were able to complete the Yahoo Mail sign up for hundreds of times a minute, without any human intervention at all. The resulting random email addresses, which Yahoo had no way of telling apart from genuine accounts created by real, living humans, could then be used to sell you fake pills, or encourage you to wire money to a friendly Nigerian prince.

This was a real problem for Yahoo, and other free email providers. Spam filters were beginning to block emails from all Yahoo accounts, as the only way to combat the incessant spam. The company desperately needed a way to tell real humans apart from the spam-bots.

CAPTCHA.

Yahoo did not know what to do, but Luis von Ahn, then a PhD student in computer science, had the answer. Luis created a simple task that was easy for humans, but really difficult for the bots: deciphering a string of badly written letters and numbers. Most importantly of all, computers – like the ones running Yahoo’s email sign-up form – would be able to tell, automatically, whether the test was being answered by a human, or by a bot.

Von Ahn called his invention, “completely automated public Turing test to tell computers and humans apart.” It may not be catchy, but its acronym is: CAPTCHA.

reCAPTCHA, the New York Times… and Google.

Within a week of Luis von Ahn creating CAPTCHA, Yahoo was using it in their sign-up process, and it was working brilliantly. Unfortunately, everybody hated it. It took up 10 seconds of their time, when they could have been doing something else. So, von Ahn realised, why not give them something to do in that time?

Right around the same time as this was happening the New York Times was setting out to digitise its 100+ year newspaper archive. Much of that was an automated process, but there were lots of words in the scanned pictures of newspapers that the computers couldn’t work out. So, von Ahn realised, show one word at a time to each of the 200 million people completing a CAPTCHA test each day, and problem solved.

Luis founded a company called reCAPTCHA to do this work and, when Google wanted to build the world’s biggest library of digital books, they bought reCAPTCHA from von Ahn for an undisclosed, but very large, sum of money.

Breaking reCAPTCHA

Spammers hate reCAPTCHA, even more than the rest of us. Spam is big business, and reCAPTCHA is a threat to their income. Soon, they were paying ‘CAPTCHA farms’, low paid workers in developing nations, to solve reCAPTCHAs for the spam bots. When Google realised this and launched an improved reCAPTCHA –v2, asking users to choose ‘all the images with a car’ and similar – the spammers simply used off-the-shelf machine learning tools to beat the test.

The arms race had escalated, and the spammers were winning.

A new reCAPTCHA, v3.

Google’s answer is a new reCAPTCHA, v3. The first thing users will notice about this as it is rolled out online (which is still a work in progress) is that, well, they don’t notice it. Instead of asking users to complete a task, or a test, reCAPTCHA v3 is invisible. Instead, code in the webpage looks at what a user does on the website, and compares that to what other, real humans, have done. reCAPTCHA then gives the user a score – a probability of whether or not they are a robot – and sends this to the website. It’s then up to the site to decide what to do.

Of course, sooner or later even this new, transparent reCAPTCHA v3 will be cracked by the spammers but, for now, this machine learning AI is enough to keep the internet a useful tool, and not a spam filled wasteland.

Featured Blogs

Do you currently own a .org.uk, .net.uk, .me.uk, .plc.uk, .ltd.uk, or .co.uk domain name? If so, it’s possible that until June 25th, 2019, the matching .uk domain may automatically have been reserved for you. So, for example, if you own mywebsite.co.uk – until June 25th the corresponding mywebsite.uk domain may have been reserved. If you’d …

In the early 1990s – before Gmail, Zimbra, Zoho, and ProtonMail came along – Yahoo Mail was king of the hill. It was free, easy to use, you could have any email address you wanted, and access it from anywhere on the planet. Everything was good. Except for one problem: spam. Literally millions of fake …

A job well done is its own reward – however, it’s nice to be noticed and appreciated for the hard work you do. As such, catalyst2 is proud to announce that we’ve reached the finals in two categories of the 2019 ISPA Awards! The ISPA Awards The ISPA Awards is the largest awards ceremony for …

cPanel is well known within the IT and business world as an easy way to manage your business’ website but also its emails. With its intuitive user interface and wide range of powerful features, web and email hosting via the online cPanel platform is a great way to keep on top of your companies digital …

As South Korea claims to have pipped its US rivals to the post in being the first to roll-out a lightning-fast 5G mobile network, many are asking the question “just what is 5G?” Well, let us help you answer that question. 5G means ‘Fifth Generation’, and it is the latest innovation to join the raft …

There is still a lot of concern about whether there is going to a deal or not with the EU. The UK is due to leave the trading bloc in less than a month, an extension is possible but the chances of a deal seem slim. Even if there is a deal, there are going …

Brexit is a major issue for most companies in the UK right now, but there is one aspect which you may have overlooked: your .EU domain name. The Department of Digital, Culture, Media and Sport (DCMS) has announced that if the UK leaves the European Union on 29th March 2019 without a deal, any UK …

At catalyst2 we want to ensure we are delivering a fast and secure infrastructure for our clients, with this in mind, we recently completed some significant planned upgrades. Continuous improvement is central to everything we do at catalyst2 and also part of our commitment to ISO 9001. We recently upgraded our VMware infrastructure by adding …

To mark Safer Internet Day on February 5th 2019, Google released a new password checking plugin for its popular Chrome browser. It might sound boring but it could be vital in alerting you to compromised accounts. The Password Checkup Chrome Extension monitors your credentials, and if you attempt to sign in using compromised data, you …